<?php
namespace ucenter\client\controllers;

use Yii;
use heihei\filters\auth\JwtAuth;
use heihei\rest\AuthController;
use yii\filters\VerbFilter;
use yii\filters\AccessControl;
use yii\filters\auth\CompositeAuth;
use yii\web\ForbiddenHttpException;

/**
 * 需要用户登录基础控制器
 */
class BaseAuthController extends AuthController
{
    /**
     * @inheritdoc
     */
    public function beforeAction($action)
    {
        if (!parent::beforeAction($action)) {
            return false;
        }

        if ($this->checkAccess()) {
            return true;
        }

        throw new ForbiddenHttpException('不允许请求,无请求权限！');
    }

    /**
     * 检测请求当前控制器是否允许
     *
     * @return bool
     */
    public function checkAccess()
    {
        $user = Yii::$app->getUser();
        if($user->getIsGuest()){
            return true;
        }
        return $user->can($this->route);
    }
}
